New SWIFT malware attack – second kick into the heart of the global financial system!

Could SWIFT be more vulnerable than previously thought?

On Thursday, the global Society for Worldwide Interbank Financial Telecommunications (SWIFT), released a warning message of another malware attack, similar to the hack of the Bangladesh central bank a while ago. The target, this time, was a commercial bank in Vietnam, which identity was not disclosed.

This is the second attempt to break through the SWIFT international payment system in the past two months. Earlier in February, a hack into SWIFT system that shocked the world led to $81 Million theft at the Bangladesh central bank. These recent malware hacks are raising an important question: Is this a direct attack right into the heart of the global financial system?

The global financial messaging system is used by thousands of banking institutions worldwide. They transfer billions of dollars through the secure SWIFT system every day. Such breaks may cause a real chaos and concerns related to the international payments security. It appears that the hackers, who stand behind these advanced cyber attacks, are not random people. Security researchers reveal, what we are witnessing here is a comprehensive online attack on the global banking and financial infrastructure.

Is this a direct attack right into the heart of the global financial system?

The last analysis of the second attack in Vietnam reveals a great number of similarities to the previous attack at the Bangladesh bank. In their first attack, the hackers used a highly sophisticated malware that was able to manipulate logs, erase the history of the fraudulent transactions, intercept and destroy incoming messages confirming the money transfers – all of this as a way of allowing hackers to remain undetected. After the Bangladesh bank attack was detected, SWIFT came with announcement ensuring its users that this scheme did no harm to its core messaging system.

However, in no time, we witnessed a similar attack against another bank, this time in Vietnam. Therefore, it is very likely that SWIFT is facing an organized and highly adaptive campaign, targeting international banking institutions. Moreover, after the second case, SWIFT came with a statement that the cybercriminals applied “deep and sophisticated knowledge of specific operation controls within the targeted banks”. It appears that such extensive knowledge could be gained either from malicious insiders or cyber attacks, or it could be a combination of both.

Whatever the attacking methods were, in both cases – in Bangladesh and now in Vietnam, hackers managed to successfully break through the SWIFT system of their target and this way apply a kick right into the heart of the global financial system. These recent attacks pose a serious challenge to the stability and raise questions about the safety of the banking systems all over the world.